Brendan Griffin

I02: SharePoint Hybrid

Capabilities Rundown

May 28th 2016

#SPSParis @brendankarl

Diamond

Platinum

Gold

Silver

Organizers

& Community

www.spsevents.org/city/Paris/Paris2016

Keynote Speaker: Jeff TeperMicrosoft Corporate

Vice-PresidentSharePoint + OneDrive

Donation

Tombala / Raffle

After Jeff Teper’s Keynote Après la Keynote de Jeff Teper

2

4

2

1

4

4

3

Agenda

• What is Hybrid?

• Identity Considerations

• Pre-Requisites

• Hybrid Configuration Walkthrough & Demo

• OneDrive for Business

• Team Sites

• Search

What is Hybrid?

Office 365 + SharePoint 2013/2016 = Hybrid• Securely integrate SharePoint Online with SharePoint On-Premises

• Evaluate the Cloud at your own pace

• Facilitates gradual migration from On-Premises to Office 365

Identity Considerations

How does Authorization Work in a Hybrid Environment?

• There are three different identity scenarios for Office 365

• Hybrid requires the ability to map an On-Premises user to a user account in Azure AD

• Therefore Cloud Identity is not an option for Hybrid

Identity Considerations

Decisions, Decisions???

• Should you go for Synchronised or Federated Identity…it all depends!

• A great Blog post that outlines potential reasons to opt for Federated Identity over Synchronised

Identity Considerations

• In this session we will use the Synchronized Identity approach

• Users from the On-Premise AD will be sync’d to Office 365

• Enables users to logon to SharePoint On-Premises and Office 365using the same username and password

Pre-Requisites

1 – Verify Internal Domain

• Verify the internal AD domain name with Office 365 – Needs to be a routable domain!

• Enables Microsoft to verify that you “own” the domain

• If you are using a non-routable domain (.local) for AD – all is not lost!

• Verifying a domain increases the Office 365 object limit from 50K to 300K!

Pre-Requisites

1 – Verify Internal Domain

• In my environment the AD domain is brendg.local which isn’t routable!

• I purchased brendg.co.uk and associated this with the AD domain brendg.local by adding a UPN Suffix

• Updated user accounts to use the new UPN Suffix (domain)

Pre-Requisites

1 – Verify Internal Domain

• Involves adding a temporary DNS record to the domain

• The existence of this record is verified by Microsoft to validate domain ownership

• Instructions included for the most common DNS hosting providers

Pre-Requisites

2 – Active Directory• AD domain must be at least Windows Server 2003 Forest Functional Level

• Use IdFix to identify objects that could cause sync issues and remediate• Illegal characters

• Duplicate entries

• Length

• …

Pre-Requisites

3 – Office 365Activate Active Directory synchronization in Office 365 in preparation for synchronizing users

PowerShell

Admin Center

Pre-Requisites

4 – Azure AD Connect• Install and configure the Azure AD Connect tool to sync users between

On-Premises and Azure AD

• Assign user licenses in Office 365

Pre-Requisites

5 – SharePoint Service ApplicationsA number of Service Application are required to support Hybrid

• Secure Store is required for inbound Hybrid Search

• User Profile Service required to rehydrate users for Search Security Trimming

Hybrid OneDrive for Business

• User can have a OneDrive hosted in Office 365 that can be accessed directly via On-Premises SharePoint

• Reduce On-Premises storage costs by moving OD4B to the Cloud• Can be enabled for all users or a selection using a SharePoint

Audience

Hybrid Team Sites

• Maintains a single list of followed Sites for both On-Premises and Office 365

• When a user follows a Site (On-Premises or Office 365), this is added to their followed Sites list in Office 365

Hybrid Team Sites

• On-Premises users are redirected to Office 365 when clicking the Sites tile

• Setting up Hybrid Team Sites also configures Profile redirection and the Extensible App Launcher

Cloud Hybrid Search

• A single search index that spans Office 365 and On-Premises• Requires a Cloud Search Service Application to be provisioned

On-Premises• Cloud SSA crawls On-Premises content and sends the metadata to

the search index in Office 365

Cloud Hybrid Search

Cloud Hybrid Search

Benefits:• Unified search results, search relevance ranking and refiners even if your

organization has content in both On-Premises and Office 365.

• You no longer have to worry about the size of your search index, because your search index is stored in Office 365.

• Less hardware required On-Premises.

• Upgrading to a later version of SharePoint On-Premises is simpler as you don’t need to worry about Search.

Cloud Hybrid Search

Pre-Requisites:• SharePoint 2016 or SharePoint 2013 SP1 + January 2016 CU

• PowerShell scripts to configure Cloud Hybrid Search –https://www.microsoft.com/en-us/download/details.aspx?id=51490

• Online Services Sign-In Assistant – http://www.microsoft.com/en-us/download/details.aspx?id=39267

• Azure AD PowerShell – http://go.microsoft.com/fwlink/p/?linkid=236297

Cloud Hybrid Search

PowerShell Configuration Scripts:• 1 – CreateCloudSSA.ps1

o Creates a Search Service Application in Cloud mode

o Can use your own scripts to provision, ensure that you use -CloudIndex $true

o Cannot be provisioned using the UI

Cloud Hybrid Search

PowerShell Configuration Scripts:• 2 – Onboard-CloudHybridSearch.ps1

o Creates an Azure ACS Proxy

o Registers Azure ACS and Trusted Token Issuer

o Creates SPO Management Proxy

o Installs On-Premises Token Signing Certificate into the Office 365 Tenant

o Registers Service Principals in the Office 365 Tenant

Thank you!

Online evaluation formEvaluations en ligne

http://bit.ly/SPSParis2016Eval

Merci !